Posted
by
Soulskill
on Friday October 15, 2010 @05:44PM
from the anything-you-tweet-may-be-used-against-you-in-a-court-of-law dept.

jamie tips an article by Slashdot vet Keith Dawson about the uncertain state of privacy protection for one-to-one online communications through social sites and services. Quoting:
"The privacy of these communications is protected mainly under a law — ECPA, the Electronic Communications Privacy Act — dating from 1986 and crafted for then-existing email (think Compuserve and Prodigy) and emerging cellular networks. This law is an increasingly poor fit for modern and emerging communication modalities. Email stored on servers is treated differently depending on whether or not the user has read a particular message; and messages older than 6 months in storage enjoy different protection than newer messages. In attempting to apply the ECPA to social networking media, courts have interpreted users' privacy rights in a variety of ways. ... One shortcoming of the ECPA is that it does not require email, search engine, cloud computing or social networking sites to report how many requests for private data they get from authorities. Whatever the number, it almost certainly dwarfs the number of real-time online intercepts (wiretap, pen register, and trap and trace orders), for which statistics must be kept."

Of course, getting your recipients to accept and send encrypted mails is a different matter.

I have GPG configured and sent the grand total of 3 emails using it. Nobody else I know (in an entire CS course, both teachers and colleagues) has a public key I can use. Even if they understand the concept (I've explained it some times) they simply don't care.